Open source · npm

The Data Hogo CLI

Run one command and get a full security report printed right in your terminal. It runs entirely on your machine — nothing is uploaded.

Star on GitHub

AGPL-3.0 · works on macOS, Linux and Windows

zsh
$ npx datahogo

That is the whole thing: a colored report, in your terminal, in seconds. No account, no dashboard, nothing leaves your machine.

Three ways to run it

Same scanner, wherever you work.

1

In your terminal

The default. Point it at a project and read the report — score, findings, and the fix, right where you already are.

# Run once, no install
npx datahogo

# Or install it globally
npm install -g datahogo
datahogo scan
2

In your CI

The GitHub Action fails the build when it finds issues at the severity you choose, and uploads results to your repo’s Security tab.

# .github/workflows/security.yml
name: Security
on: [push, pull_request]
permissions:
  contents: read
  security-events: write
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: datahogo/datahogo@main
        with:
          fail-on: high

Not on GitHub? Any CI works — pipe --sarif or --json output wherever you need it.

3

Inside Claude Code or Cursor

A separate, optional package (@datahogo/mcp) exposes the scanner as tools your AI agent can call. It scans, then writes the explanation and the fix itself.

# Separate optional package — adds the scanner
# as tools your AI agent can call
claude mcp add datahogo -- npx -y @datahogo/mcp

Optional. The base CLI never needs it — this is only if you want scanning inside your editor.

Commands and options

datahogo scan [path]Scan a directory (default: current)
--jsonMachine-readable JSON output
--sarifSARIF 2.1.0 for GitHub Code Scanning
--fail-on <severity>Exit non-zero at or above a severity
--url <url>Also scan a deployed URL
--explainAI explanations (uses your ANTHROPIC_API_KEY)
datahogo doctorCheck optional tools (Semgrep, Gitleaks)

Free, forever.

The CLI is open source and always will be. Star it, fork it, read every line.